Within an SS2.0 BeforeLoad script, I'm trying to retrieve the current user/role permission level for a specific record.
The custom record name is customrecord_payments with an internal id of 368.
Using the following:
var permission = runtime.getCurrentUser().getPermission({name:'LIST_CUSTRECORDENTRY368'})
Always returns a value of 4 ("FULL") regardless of the user role logged in, so the code above cannot be correct.
What is the correct "permission" to look up?
To my knowledge, you cannot access the specific permissions of a record, only the permissions that are available on the employee record, which pertain to records as a whole. To get around this, you'll need to maintain the logic in your record as well as the code. So it would be something like:
if ((user.role === role.id) && (context.type === context.UserEventType.EDIT)) {
// ...
}
If you find out otherwise, please let us know!
name:'LIST_CUSTRECORDENTRY368' this would be different for different accounts.
I have retrieved that id by creating a search of type: 'customrecordtype' and then comparing the scriptId , to get the id and then appending it to LIST_CUSTRECORDENTRY. and then getting the permission using getpermission api.
Related
We are using the MS Graph API and would like to check the changes of users in a certain group. Currently we get the users via this query:
https://graph.microsoft.com/v1.0/groups/group-id/members
This is how we retrieved the delta of the group:
https://graph.microsoft.com/v1.0/groups/delta?$filter=id eq 'GroupId'&$select=members
Now my question would be if there is a way to relate this delta only to users in this group.
I can see a result when I add or delete a user from the group, but I need a result, even if the name, street or something else getting changed.
I would be very grateful for any feedback.
Kind regards
There are limited supported-resources to query delta , which includes groups, Users etc but not particularly for member and its properties of one such group.
I tried to query for members this way and got unsupported error
https://graph.microsoft.com/v1.0/groups/xxxxxxxx/members/delta?$select=displayName,jobTitle,mobilePhone
But you may retrieve members of all groups whose membership changes, such as when users are added or removed /( updated ) as you knew .
I’ve tried this way with prefer: return=minimal 'header' to return only the object properties that have changed since the last round. and got removed and updated users but their properties that changed are not listed .We may need to copy the user Id that changed and query for that using user-delta
https://graph.microsoft.com/beta/groups/delta?$filter=id+eq+'xxxx-xxxxa-xxxxx52eb'&$select=members+&$select=displayName
(or)
https://graph.microsoft.com/beta/groups/delta?$filter=id+eq+'xxxx2-xxxxxxxxeb'&$expand=members
To filter separately for other properties like jobTitle ,its not valid .
https://graph.microsoft.com/beta/groups/delta?$filter=id+eq+'xxxxxxxxxxxx2-xxx'&$expand=members+&$select=displayName,jobTitle,mobilePhone
You can raise a Support request for the same.
References :
delta-query-groups | Microsoft Docssupported-resources
microsoft-graph-issues
Im using IGraphServiceClient related below code to get list of Azure AD users belongs to a particular group.
IGroupMembersCollectionWithReferencesPage lstOfAdusers = await _graphServiceClient.Groups[GroupName].Members.Request().GetAsync();
But user.MemberOf returns null.
How to query to get list of Azure AD users belongs to a particular group along its with "MemberOf" property using IGraphServiceClient ?
You should use group ID instead of group name to call this method.
IGroupMembersCollectionWithReferencesPage lstOfAdusers = graphServiceClient.Groups["groupID"].Members.Request().GetAsync().Result;
You need to call another method to get the values of user.memberof.
var meberoflist=graphServiceClient.Users["userID"].MemberOf.Request().GetAsync().Result;
I'm trying to query for some SP list items, all is working fine except I can't seem to expand a custom column of type Person.
I can see the createdBy and lastModifiedBy expanded and even includes the AAD user id, which is great and also leads me to think what I want is possible!
But mine is a custom column.
I'm running this and can only seem to get the SP user list id and the user's display name...neither of which are much use.
/items?expand=fields(select=UserLookupId,User)
Ideally I'd like to get the AAD user id as per createdBy and modifiedBy field, but the email would suffice.
Otherwise the only way I can see is to query the User Information List (using the UserLookupId) to get the email?
Thanks
This appears to be correct assumption:
Otherwise the only way I can see is to query the User Information List
(using the UserLookupId) to get the email?
for non-system user fields, it is indeed a way to go, but there are some distinctions whether user field is multi-valued or single-valued.
If Approvers is a multi-valued user field, then the following query:
https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items?$expand=fields($select=Approvers)
returns email and id properties along with displayName property for user field value.
While for single-valued user field only id (available via {userfield}LookupId property) and displayName properties could be requested via items endpoint, for example:
https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items?$expand=fields($select=Approver,ApproverLookupId)
So, indeed User Information List needs to be utilized to request additional user properties, for example:
https://graph.microsoft.com/v1.0/sites/root/lists('User Information List')/items/{item-id}/?$expand=fields($select=Email)
where item-id corresponds to user field lookup id
This was my experience modifying the
Build Angular single-page apps with Microsoft Graph. In the examples below, I changed my id's out with the default text.
Here is
The Finished Project on thier github
In Graph Explorer, this worked. You can verify it at the Microsoft Graph Explorer.
https://graph.microsoft.com/v1.0/sites/{site-id}/lists/{list-id}/items?expand=fields($select=id,Title)
In the app/graph.service.ts in the app, this did not work. Even though you would expect it to based on the graph explorer.
.api('/sites/{site-id}/lists/{list-id}/items?fields($select=id,Title)')
Changing the app/graph.service.ts api call worked.
.api('/sites/{site-id}/lists/{list-id}/items?')
.expand('fields($select=id,Title)')
The result looked like this:
fields: {
#odata.etag: ""d6f5b6ea-9f90-452d-98ba-e838f58d3359,1"",
Title: "IT SPECIALIST (MID)",
id: "20"
}
Here's an example site id:
some.sharepoint.com,9dk062b-2e54-4e4f-b71a-cdb74f42cc44,c6cf6b0a-cc7c-41fd-a76a-ef8f97e8a22f
Here's an example list id.
8eg8c29a-5555-4cfc-bfa4-0e907488f781
The end url won't have any {} in it.
I'm trying to get an app I'm working on to display all associated user notes for a given Customer record (as it appears on the UI Customer record page in Netsuite proper).
To that end, I've set up a Netsuite RESTlet to return a list of internal ids for associated Note records given a Customer internal id.
I've set up a simple search in the RESTlet script:
function get_notes(params) {
log("GET params", JSON.stringify(params));
var filters = [
new nlobjSearchFilter('internalid', 'customer', 'is', params.id)
];
var columns = [
new nlobjSearchColumn('internalid'),
new nlobjSearchColumn('note'),
];
var search = nlapiCreateSearch('note', filters, columns);
var notes = search.runSearch().getResults(0, 3);
return notes;
}
function log(msg, details) {
nlapiLogExecution('DEBUG', msg, details);
}
The script works as expected, but the problem is that this search ONLY returns Notes for which the author field (which is a user internal id) matches the internal id of the user performing the search. Meaning - you can only search for Notes for which you are the author.
I have been informed that this is a 'feature' of Netsuite for some unfathomable security reason.
I need to be able to get a list of all the associated Note ids, not just those for which the user making the request is the author.
Any ideas on a workaround to get at all the associated Notes? A different way to structure the search? Some kind of secret way to define your own custom Search Joins?
I can't even find documentation on this behavior (blocking Note searches from non-authors). Perhaps someone knows how to override it at the admin level?
I'm not quite ready to admit that this is impossible yet.
NB: User Note is a Note-type record associated with the Customer record, not a field on Customer record, so I can't access it directly from Customer. There is also not a Search Filter or Search Join for Note or User Note.
Using RESTlets you cannot get the notes of other users unless you invoke the RESTlet using credentials/tokens of roles like Administrator/Full Access. RESTlets always runs in the context of current user.
One alternative to do that, if you really got to achieve this any how:
1) Create a user event script on customer which creates a custom record that simulates the functionality of system notes.
2) Make sure that the RESTlet user roles have full level of access on the custom record and make customer as parent of your custom record.
3) In your RESTlet return the custom records.
Basically RESTLETS always run as the user who invokes them.
If you can use a Suitelet for this you can set that up to run as Administrator and can return any Notes you can craft a search for.
Are you actually needing a Restlet ? i.e. Are you calling this from an external application or are you trying to add functionality in the NS GUI? If the latter then you can easily use a Suitelet.
I have created a custom User profile template and object in the core database in Sitecore (as per the Security API Cookbook).
I can select this programmatically (as per the Security API Cookbook) so that my extranet users have an extended profile, that covers all the usual suspects (Address, phone, email format etc.)
However, where is this data stored? And how do I access it if I want to query the database to return a subset of users based on this profile data.
A typical requirement for an extranet member system is to extract a list of users to contact either in an email or a phone type campaign. Can this be done with the Sitecore membership system?
UPDATE>
I'm going to take a guess and say the profile data is stored in aspnet_Profile.PropertyValuesBinary .. which would make it nigh on impossible to query and not suited to my purpose. That is unfortunate. So to extend my question, if that is the case, is it possible to get Sitecore to store those values in the text field so they are searchable?
The standard Microsoft implementation of the SqlProfileProvider (which is used in Sitecore by default) stores the user profile information in the aspnet_Profile table. All the properties are serialized into the PropertyNames / PropertyValuesString columns. The PropertyValuesBinary is used to store the binary data (images). You can find more details if you look at the code of System.Web.Profile.SqlProfileProvider, SetPropertyValues method.
Next, all the custom properties you define in the user profile, are serialized to the SerializedData property of the Profile class, and it is again serialized to the PropertyNames / PropertyValuesString columns like any other property.
Also, couple of properties are stored in aspnet_Membership table (for some reason) - Email and Comment.
So, if you are going to query the users by Email, you can use FindUsersByEmail method of MembershipProvider. Otherwise, if you plan to filter by another property value, I suppose, you'll have to get all users and filter the obtained collection.
Hope this helps.
I faced this exact problem last week, didn't come up with a permanent solution, but to solve my particular issue, I wrote a little helper page and added it as a Sitecore application to be accessed from the CMS interface. All it did was query all users, and determine if they had any of like 5-6 profile properties assigned.
var userList = Sitecore.Security.Accounts.UserManager.GetUsers();
That is the relevant line to grab the users, it returns Sitecore.Common.IFilterable
So if you need to do something where you're grabbing profile info from all users, you cn do something like this:
foreach (Sitecore.Security.Accounts.User user in userList)
{
Sitecore.Security.UserProfile profile = user.Profile;
string whatever = profile["Whatever"];
//add whatever to a list or something
}
This worked out very well for my purposes, but I don't know how feasible it will be in your situation.